Security News > 2021 > September > New 0-Day Attack Targeting Windows Users With Microsoft Office Documents
Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents.
"Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents," the company said.
"An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights," it added.
EXPMON, in a tweet, noted it they found the vulnerability after detecting a "Highly sophisticated zero-day attack" aimed at Microsoft Office users, adding it passed on its findings to Microsoft on Sunday.
It's worth noting that the current attack can be suppressed if Microsoft Office is run with default configurations, wherein documents downloaded from the web are opened in Protected View or Application Guard for Office, which is designed to prevent untrusted files from accessing trusted resources in the compromised system.
Microsoft, upon completion of the investigation, is expected to either release a security update as part of its Patch Tuesday monthly release cycle or issue an out-of-band patch "Depending on customer needs." In the interim, the Windows maker is urging users and organizations to disable all ActiveX controls in Internet Explorer to mitigate any potential attack.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/8XfTlHB1Kh8/new-0-day-attack-targeting-windows.html
Related news
- New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT (source)
- Microsoft Office LTSC 2024 preview available for Windows, Mac (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Microsoft rolls back decision to stop Windows 11 22H2 preview updates (source)
- CISA warns of Microsoft Streaming bug exploited in malware attacks (source)
- Microsoft: Windows 11 “invites” coming to more Windows 10 Pro PCs (source)
- Hackers steal Windows NTLM authentication hashes in phishing attacks (source)
- Microsoft is killing off the Android apps in Windows 11 feature (source)
- Microsoft says Windows 10 21H2 support is ending in June (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)